Cyber security - Your Ultimate Goalkeeper
In today's digital world, digitalisation is entrenched completely in our personal and professional lives and we are of course benefiting enormously from it on a local and global level. It has made us hyperconnected, it made products and services globally available, economies flourish and information and knowledge available at our finger tips.
And in our digital world, as our physical world, with every expansion comes threats and vulnerabilities; and the act of identifying, managing and preventing those is known as "Cyber Security". Even though Cyber Security is triggered by the digital world, it is not only about securing the technology, but also securing people, processes and physical devices that use such technology and it must be a collective responsibility of Individuals, Businesses and Governments as a whole.
With the Internet of Things (IoT) expanding rapidly, with some forecasts indicating that we will have 18 billion connected devices by 2022, and the number of risks and events growing exponentially, rapid action is required here and now, with proactive cooperation between all parties to ensure security, safety and privacy of individuals, businesses and society as a whole.
The big question: Can we eliminate risk 100% and be truly secure in the digital world?
Unless you are disconnected, closed off and locked out of the internet....which defies the motion of being "digital consumer". Therefore, Cyber Security is really about minimising and mitigating the risk rather than fully eliminating it.
In other words, Cyber Security is your ultimate Goalkeeper. You will be defending and stopping your opponent to score, with the complexity that you don't know what the attackers are thinking of, when they might strike and in which direction. As any sport, you can prepare yourself by excessive training, right tools, team members and of course startegies however this is to minimise the possibility of scoring; Never to eliminate it!
So who are your opposition teams?
Today, and almost all of the time, you are against multiple teams at the same time. (More difficult than any known sports to-date). They all have "Hackers" as offensive players. The targets and strengths of these teams can be grouped into following categories:
Espionage Hackers: These teams are hacking to gather knowledge about individuals or businesses to gain competitive or financial gains.
Activist Hackers: These teams are activists and motivated by politics, religion or personal belief to expose wrongdoing or exact revenge or harassment.
Nation-state Hackers: These teams are driven or supported by nation states to gather, steal or alter information and trigger impact on other nation states for national or international reasons.
Criminal Hackers: These teams are driven to initiate violence or the threat of violence, especially against civilians and critical infrastructures, in the pursuit of political, religious, personal or financial gain reasons.
What are their tactics?
These hackers has common tools and techniques which are also evolving at an exponential pace. As of today, they use:
1- Malware: A piece of software that compromises your IT system(s) and harvest data and credentials. This can be deployed through exploitation of vulnerabilities in either web browsers, plug-ins, emails or social media.
2- Social engineering: Using telephone, social media or email, tricking consumers into installing physical devices or software onto networks or providing confidential & personal data.
3- Botnets: A versatile tool, that based on a successful deployment of malware, can further infect the entire connected network.
What happens if they score?
These teams scoring can lead to a variety of damages, which include:
Operational Damages – Loss of data, networks or access that could impact manufacturing or operations (e.g. Energy cut off) or even interruption to supply chains.
Financial Damages – Financial losses and impact on either accessing or losing your finances or even affecting share price.
Intellectual property Damages – Loss of product plans, marketing plans or critical intellectual property to competitors.
Reputation Damages – Loss of brand and reputation due to incidents from any of the above threats.
Personal Damages - Loss of personal data that can be used against individuals for extortion, identity theft or as part of a scam.
So what should your defense strategy be?
As a Defense team, we all need to play our role to stop the attackers from scoring. Therefore, individuals, businesses and governments have a role to play in the Cyber security space. In each of our roles, we need to perform tasks that cover people, processes and technologies to ensure a full end to end resilience.
As an Individual:
Have you ever seen the Instagram picture from Facebook CEO, Mark Zuckerberg, in which there is a tape covering both the camera and microphone of his PC? If not here it is :)
If the CEO of Facebook doesn't trust his PC, should you be excessively over protective? Well, I don't think so. As an individual, you are constantly being attacked by Hackers, sometimes with your knowledge and sometimes not (e.g. Consumer computers encounter 2 times the number of threats as compared to enterprise computers). You simply need to identify the level of security you are comfortable with in your personal life; but then apply it consistently.
People: As a "Digital Consumer", you should ensure you have the basic understanding of the cyber threats, how to recognize them and what to do when you identify them. This will apply to you, your family and friends. This is what some call now "Digital Literacy" and can be easily learnt and also be kept up to date with it. There are plenty of resources online to subscribe to and get regular updates. If not yet subscribed, do it NOW!
Processes: Cyber space threats and their identification along your online journey should become a norm to you as it is with your physical world. I.e. You always know to lock the door of your home when you leave, lock the cars when you go to a mall or keep your children away from fire or wrong places. This should be exactly the same safety steps you take for the use of your digital tools and devices in the digital world. In addition, in today's social world, sharing information about any experiences you have, anything you noticed or identified is also a very powerful tool to reduce the expansion of any attacks that might have targeted you or someone you know.
Technologies: Keeping your applications, operating systems of your phones, PCs and any other connected device to the latest version and using complex passwords or even two-factor authentication tools will ensure you are using securely up-to-date technologies.
As a Business:
Last year alone, Cyber attacks have costed global businesses as much as $500 billion; with banking and financial sector leading the way for top targets followed by Telecom, Defence, Oil & Gas and IT sectors.
So did they lose the match? Not at all. The global businesses also have created trillions of dollars of new innovations and businesses. What we need here is to minimise any loses!
People: Your employees are your first line and most susceptible line of Defense. Therefore, a comprehensive user awareness training is vital to ensure they are not only aware of the threats, but also able to identify them and know how to react when they face one. Your business executives are also important to be educated, not only similar to all other employees, but also how to react & make right decisions when the business faces such an issue. Of course, you will also need to have your own Cybersecurity experts within your organisation. They are the ones that will operate your Cyber security strategy and they must be consistently trained on latest threats. As mentioned before, it is not "if" you will be attacked, but "when" and you need everyone to be prepared when it happens.
Processes: Enterprise Risk Management is not a new process within the enterprise and therefore Cyber Security should be a key part of this (even be the leading one in the digital age). All your policies, processes & business continuity management activities should capture the Cyber space. Appoint a Chief Cyber Security Officer (if not already done so) and ensure they have a decision making place at the board level.
As in most sports, where you don't put everyone as goalkeepers, you shouldn't simply treat all your business assets the same. You should, with your Cyber security experts, identify and prioritise your information and digital assets based on business risk and apply the relevant security protection concepts for them. Your Cyber security governance should also extend into all your corporate functions, products as well as to your suppliers and vendors with which you do business as their protection will ensure your protection as well.
Technology: This is where your Cyber Security Operations Center comes in place. With the right detection, cyber intelligence & forensic data analytics software you will equip and empower your cyber security experts with the right tools to combat the attackers. With latest advances in machine learning and automation, these tools can also support the cyber security experts to respond faster and work more efficiently in combating cyber attacks.
As a Government:
Every minute, there is around half a million attack attempts that are happening in cyberspace.
Here the Governments should take an active role in ensuring there are platforms that supports expected security standards, open collaboration and national and global democratisation of data around security.
People: Governments should work with schools and universities to update their curriculum and support cyber security as a full discipline as well as as a mandated basic study to bring all students to have the basics of awareness and prevention. In addition, the government should have cyber security experts as part of its Defense functions.
Process: To ensure security is in mind of everyone, regulations & standardisation should be aligned and governments should provide enablers to improve Cyber security activities across multiple markets and areas. Governments should ensure there is regular information sharing channels to manage evolving and emerging cyber threats. One area also that the government can be active on is provide cross-industry procedures and regular testing to help businesses identify their weaknesses and improve.
Technologies: Government should implement their own cyber security Center in addition to using the state of the art tools as they will be targeted like any other business or individual. In addition, Governments should promote the cross-industry collaboration in identifying new innovations in fighting cyber crime.
As the saying goes: "Plan for your worst days and live for your best days". Cyber security is a practice that is required at home, in the office and on the streets, digital and physical streets but Cyber space & digital world is still fascinating, enjoyable and beneficial to everyone. I am sure with technology advancement and innovation over the coming years, we will all have better tools and more secure technologies but also we will have different types of "hackers" and teams trying to attack us. A consistent and agile security processes & awareness across individuals, businesses and governments will make us stronger and smarter to respond to such risks and threats. Always keep in mind, the "digital world" flourished for its user centric connectivity, ease of use and access and never let Cyber Security tarnish these characteristics; rather complement them.
In the next 100 days, start with:
1- Knowing your Environment: Understand your environment, the threats you have inside and outside your environment, the types of "hackers" and their tactics. Ensure this knowledge is not in the few but across your entire family, business or society (of course with various level of details).
2- Defining your priorities: Define your key assets, as individual, as a business or as a government and ensure you have appropriate protection relative to your assets. One SIZE doesn't fit all!!
3- Learning and Evolving: Define your defensive strategy based on your knowledge and information. Regularly review it, rehearse it and ensure you continuously improve it using available data, input and information you get from your environment.